{"id":10481,"date":"2019-07-17T00:21:00","date_gmt":"2019-07-16T22:21:00","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=10481"},"modified":"2021-12-17T18:36:46","modified_gmt":"2021-12-17T17:36:46","slug":"windows-10-important-secure-boot-bitlocker-bug-fix","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2019\/07\/17\/windows-10-important-secure-boot-bitlocker-bug-fix\/","title":{"rendered":"Windows 10: Important Secure Boot\/Bitlocker Bug-Fix"},"content":{"rendered":"

[German<\/a>]Today a short note for Windows 10 users who use Bitlocker with Secure Boot. And Microsoft has released an important Servicing Stack Update (SSU) for all supported Windows 10 versions, which is supposed to solve a Bitlocker problem in connection with Secure Boot.<\/p>\n

<\/p>\n

\"\"Preliminary note: Users with Windows 10 Home are not affected by the following instructions.<\/p>\n

Secure Boot affects Bitlocker<\/h2>\n

UEFI and Secure Boot are always good for trouble. For Microsoft's Surface devices, for example, the problem is known that Bitlocker goes into recovery mode and requires a recovery key when an update to the UEFI or TPM firmware is installed.<\/p>\n

In general, however, there is a bug in the secure boot of UEFI systems that causes an activated bitlocker to be forced into recovery mode at system startup. Microsoft now tackles this problem with a Servicing Stack Update (SSU).Generell gibt es aber wohl im Secure Boot von UEFI-Systemen einen Bug, der dazu f\u00fchrt, dass ein aktiviertes Bitlocker beim Systemstart in den Recovery-Mode gezwungen wird. Genau dieses Problem packt Microsoft nun mit einem Servicing Stack Update (SSU) an.<\/p>\n

Update KB4509096 for Windows 10 V1903<\/h2>\n

On July 9, 2019, Microsoft released the Servicing Stack Update (SSU) KB4509096<\/a> for Windows 10 Version 1903 as part of the regular patchday. As usual, Microsoft promises quality improvements in the Servicing Stack so that Windows updates can be installed more easily afterwards. This time, however, the SSU KB4509096 contains important information. Microsoft points out an important fix in the Key-Changes:<\/p>\n

Addresses an issue with a Secure Boot feature update that may cause BitLocker to go into recovery mode because of a race condition.<\/p><\/blockquote>\n

This update addresses an issue related to a secure boot feature update. A race condition occurs when starting a system with Secure Boot enabled. I interpret it to mean that it can cause the Bitlocker module to become active before the Secure Boot checks are complete. As a result, Bitlocker is forced into recovery mode, in which a recovery key is queried.<\/p>\n

The update is automatically distributed via Windows Update, but is also available via Microsoft Update Catalog<\/a>. A restart is not required after installing the SSU and there are no installation requirements.<\/p>\n

Updates for Windows 10 V1507 to V1809<\/h2>\n

If you browse the list of Servicing Stack updates under ADV990001<\/a> and call up the corresponding KB articles, they all contain the reference to the Bitlocker fix. Here is the list of relevant updates<\/p>\n